Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,781
Erlang
36
GitHub Actions
29
Go
2,345
Maven
5,000+
npm
3,976
NuGet
719
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

122,506 advisories

Loading
In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with local access to a server can bypass... Moderate Unreviewed
CVE-2021-47688 was published Jun 23, 2025
A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical.... Moderate Unreviewed
CVE-2025-6518 was published Jun 23, 2025
Out-of-bounds Read vulnerability in dail8859 NotepadNext (src/lua/src modules). This... Moderate Unreviewed
CVE-2025-52938 was published Jun 23, 2025
Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within... Moderate Unreviewed
CVE-2025-52920 was published Jun 23, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products that allows... Moderate Unreviewed
CVE-2024-3511 was published Jun 23, 2025
A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-6476 was published Jun 23, 2025
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as... Moderate Unreviewed
CVE-2025-6401 was published Jun 23, 2025
IBM Process Mining 2.0.1 IF001 and 2.0.1 could allow a remote attacker to conduct phishing... Moderate Unreviewed
CVE-2025-36016 was published Jun 23, 2025
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an authenticated user... Moderate Unreviewed
CVE-2025-3629 was published Jun 23, 2025
A vulnerability classified as critical has been found in code-projects Online Bidding System 1.0.... Moderate Unreviewed
CVE-2025-6470 was published Jun 23, 2025
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-5143 was published Jun 23, 2025
A vulnerability was found in code-projects Online Bidding System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-6469 was published Jun 23, 2025
A vulnerability was found in code-projects Online Bidding System 1.0. It has been declared as... Moderate Unreviewed
CVE-2025-6468 was published Jun 23, 2025
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-6478 was published Jun 23, 2025
A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza... Moderate Unreviewed
CVE-2025-6481 was published Jun 23, 2025
A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1... Moderate Unreviewed
CVE-2025-6480 was published Jun 23, 2025
A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering... Moderate Unreviewed
CVE-2025-6479 was published Jun 23, 2025
Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2025-5820 was published Jun 23, 2025
Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2025-5476 was published Jun 23, 2025
A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2025-6517 was published Jun 23, 2025
A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This... Moderate Unreviewed
CVE-2025-6516 was published Jun 23, 2025
A vulnerability was found in seaswalker spring-analysis up to... Moderate Unreviewed
CVE-2025-6509 was published Jun 23, 2025
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible Moderate Unreviewed
CVE-2025-52877 was published Jun 23, 2025
In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper... Moderate Unreviewed
CVE-2025-52878 was published Jun 23, 2025
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible Moderate Unreviewed
CVE-2025-52879 was published Jun 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database